Security News

UPDATE. Researchers are warning that several popular Google Play applications - including mobile browser app Edge - have yet to push out an important update addressing a high-severity vulnerability in the Google Play Core Library. The vulnerability exists in Google Play Core Library, which is utilized by various popular applications like Google Chrome, Facebook and Instagram.

Multiple Android mobile apps found in Google Play, including Baidu Search Box and Baidu Maps, were found by researchers to be leaking data that could be used to track users - even if they switch devices. Researchers found the apps in question to expose a range of information, including: Phone model; screen resolution; phone MAC address; wireless carrier; network; Android ID; International Mobile Subscriber Identity; and International Mobile Equipment Identity.

Malicious Android apps have a habit of sneaking their way into the Google Play store without getting caught by the usual security protections. A collection of more than 20 apps found by security firm Kaspersky on Google Play pretended to be Minecraft mods but were actually adware.

Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash. According to researchers, the mobile apps for Android fool users into spending hundreds of dollars per month, by offering skins, wallpapers and game mods for Minecraft and other games at super-premium prices.

Despite Google's best efforts to keep Android users safe, malware does manage to slip into Google Play from time to time, and the 21 malicious apps that Avast identified recently are proof of that. The offending applications appear to have been downloaded roughly 8 million times before being discovered.

The White Ops team of researchers, including Cirling, Michael Gethers, Lisa Gansky and Dina Haines, - who named the investigation "RAINBOWMIX," inspired by the 8-16 bit color palate running throughout the retro game apps - found that these fraudulent apps were downloaded more than 14 million times by unsuspecting users. "Most of the RAINBOWMIX apps have a"C-shaped rating distribution curve," the team reported.

Google has announced two new security initiatives: one is aimed at helping bug hunters improve the security of various browsers' JavaScript engines, the other at helping Android OEMs improve the security of the mobile devices they ship. "JavaScript engine security continues to be critical for user safety, as demonstrated by recent in-the-wild zero-day exploits abusing vulnerabilities in v8, the JavaScript engine behind Chrome. Unfortunately, fuzzing JavaScript engines to uncover these vulnerabilities is generally quite expensive due to their high complexity and relatively slow processing of input," noted Project Zero's Samuel Groß.

Google is taking the step of prohibiting "Stalkerware" in Google Play, along with apps that could be used in political-influence campaigns. Google also specified that any consent-based tracking-related apps distributed on the Play Store must comply with certain parameters.

Researchers have discovered more than 300 apps on the Google Play Store breaking basic cryptography code using a new tool they developed to dynamically analyze it. The research sheds new light on how easy it is for popular mobile apps-the ones analyzed had from hundreds of thousands of downloads to more than hundreds of millions-to break basic security rules, researchers noted in their work.

Google has deleted six apps from its Google Play marketplace that were infecting users with the Joker malware. As of Wednesday, Google confirmed with Threatpost that all infected applications have been removed from Google Play, but researchers said that they are still installed on the devices of their users, and urged users to immediately delete the apps.